Friday, September 11, 2020

Snort rule update for Sept. 10, 2020

Cisco Talos released a new SNORTⓇ rule set yesterday. Our apologies, as this blog post is going up a day late. 

The latest update includes 14 new rules.

Thursday's release included new protections against some notable malware families, including the Delf downloader, which was recently part of a spam campaign in Spain. There are also two rules targeting the DarkSide ransomware, which recently debuted using several professional techniques to give the group a more formal appearance.


There were no changes made to the snort.conf in this release.

Talos's rule release: 
Talos has added and modified multiple rules in the malware-other rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.